Jump to content

Report: Major Windows security update foiled

DigitalX

By DigitalX
in General News

 Share

Recommended Posts

DigitalX Newbie

DigitalX

Posted
Posted

A Russian security company claims it found a way to beat a security measure in Microsoft's Windows XP Service Pack 2, a major update aimed at securing customers' PCs.

 

The SP2 measure, known as Data Execution Protection, is intended to prevent would-be attackers from inserting rogue code into a PC's memory and tricking Windows into running the program. However, in a paper published Friday, Moscow-based Positive Technologies said two minor mistakes in the implementation of the technology allow a knowledgeable programmer to sidestep the protection.

 

The company notified Microsoft of the problem Dec. 22, but it apparently decided not to wait for the software giant to patch the flaws.

 

Neither Microsoft nor Positive Technologies immediately responded to requests for comment Friday.

 

After several delays, Microsoft began rolling out SP2 in August of last year, at which time company Chairman Bill Gates called the update "a significant step in delivering on our goal to help customers make their PCs better isolated and more resilient in the face of increasingly sophisticated attacks."

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...